Presentation by Computer Forensics NZ Ltd for Auckland University 415.725SC CF NZ OUR PRIME OBJECTIVE: To successfully recover lost, damaged, hidden or.

Slides:



Advertisements
Similar presentations
Utility program + driver program Thomas Wat 4D (21)
Advertisements

Backing up and Archiving Data Chapter 1. Introduction This presentation covers the following: – What is backing up – What is archiving – Why are both.
FAT vs NTFS.
Backing Up Your Computer Hard Drive Lou Koch June 27, 2006.
1 X-Ways Security: Permanent Erasure Supervised By: Dr. Lo’ai Tawalbeh Prepared By :Murad M. Ali.
Backup Strategy. An Exam question will ask you to describe a backup strategy. Be able to explain: Safe, secure place in different location. Why? – For.
Computer Forensics, The Investigators Persepective Paul T. Mobley Sr. Computer Forensics Consultant Jawz Inc.
Princeton PC Users Group Hard Drive Disaster! By Paul Kurivchack March 14, 2005.
5-9/12/2005 CPE How to format your computer and re-install Windows XP.
1 Pertemuan 23 Contingency Planning Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
Guide to Computer Forensics and Investigations Fourth Edition
Chapter 12 File Management Systems
COS/PSA 413 Day 15. Agenda Assignment 3 corrected –5 A’s, 4 B’s and 1 C Lab 5 corrected –4 A’s and 1 B Lab 6 corrected –A, 2 B’s, 1 C and 1 D Lab 7 write-up.
Applications with Warrants In Mind. The Law  Why are there laws specifically for computer crimes?  A persons reasonable right to privacy  The nature.
File System Security Jason Eick and Evan Nelson. What does a file system do? A file system is a method for storing and organizing computer files and the.
Data Elimination 101. What Does Degauss Mean? Computer hard drives use magnetic fields to store data on special discs called platters. Degaussing is the.
Data Recovery Techniques By Danny Seltzer and Evan Hollander.
Source XP vs Windows 7 XPWin 7.
Procedures for Backup and Recovery Section 14. Key points and questions What data should be backed up and how often? What do we mean by full backup, incremental.
Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (
Data Deletion and Recovery. Data Deletion  What does data deletion mean in your own words?
Data Security GCSE ICT.
Security The Kingsway School. Accidental Data Loss Data can be lost or damaged by: Hardware failure such as a failed disk drive Operator error e.g. accidental.
Video Following is a video of what can happen if you don’t update your security settings! security.
Guide to Computer Forensics and Investigations, Second Edition
Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 14 Windows XP Professional 1.
1 Chapter 12 File Management Systems. 2 Systems Architecture Chapter 12.
BACKUP AND ARCHIVING DATA BACKUP AND RECOVERY OF DATA.
Module 7. Data Backups  Definitions: Protection vs. Backups vs. Archiving  Why plan for and execute data backups?  Considerations  Issues/Concerns.
CIS 450 – Network Security Chapter 16 – Covering the Tracks.
Data Recovery Techniques Florida State University CIS 4360 – Computer Security Fall 2006 December 6, 2006 Matthew Alberti Horacesio Carmichael.
Preventing Common Causes of loss. Common Causes of Loss of Data Accidental Erasure – close a file and don’t save it, – write over the original file when.
Computer Forensics Principles and Practices
Bits, Bytes, Files, Hard Drives. Bits, Bytes, Letters and Words ● Bit – single piece of information ● Either a 0 or a 1 ● Byte – 8 bits of information.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 Computer Forensics Data Recovery and Evidence Collection September.
1 Interface Two most common types of interfaces –SCSI: Small Computer Systems Interface (servers and high-performance desktops) –IDE/ATA: Integrated Drive.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 Guest Lecture September 21, 2009.
Guide to Computer Forensics and Investigations Fourth Edition
Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 15 – The Hard Drive.
Chapter 6 Protecting Your Files. 2Practical PC 5 th Edition Chapter 6 Getting Started In this Chapter, you will learn: − What you should know about losing.
Ensuring Network Security Making Networks Secure Maintaining a Healthy Network Environment Avoiding Data Loss 1.
Backup & Restore The purpose of backup is to protect data from loss. The purpose of restore is to recover data that is temporarily unavailable due to some.
Module 15 Managing Windows Server® 2008 Backup and Restore.
XP Practical PC, 3e Chapter 6 1 Protecting Your Files.
MCSE Guide to Microsoft Windows Vista Professional Chapter 5 Managing File Systems.
Verification & Validation F451 AS Computing. Why check data? It’s useless if inaccurate. Also, wrong data: Can be annoying Can cost a fortune Can be dangerous.
Cosc 4750 Backups Why Backup? In case of failure In case of loss of files –User and system files Because you will regret it, if you don’t. –DUMB = Disasters.
Chapter 5 Processing Crime and Incident Scenes Guide to Computer Forensics and Investigations Fourth Edition.
Understanding Backup and Recovery Methods Lesson 8.
IT1001 – Personal Computer Hardware & system Operations Week7- Introduction to backup & restore tools Introduction to user account with access rights.
Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 36 – Troubleshooting a Malfunctioning PC.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 File Systems September 22, 2008.
Verification & Validation
Chapter 8 File Systems FAT 12/16/32. Defragmentation Defrag a hard drive – Control Panel  System and Security  Administration tools  Defrag hard drive.
ICT Unit 3 Storage Devices and Media. What is backing up of data? Backing up refers to the copying of file to a different medium It’s useful if in case.
Visit:  If you have lost important files, take a deep breath and rest assured that disk recovery software can likely help.
© ExplorNet’s Centers for Quality Teaching and Learning 1 Explain the importance of security and encryption. Objective Course Weight 2%
How to Recover Deleted Files from Android Phone Internal Memory and External SD Card
Computer Forensics. OVERVIEW OF SEMINAR Introduction Introduction Defining Cyber Crime Defining Cyber Crime Cyber Crime Cyber Crime Cyber Crime As Global.
Advanced System Optimizer V3 Systweak Software. Overview Advanced System Optimizer is an all-in-one PC utility as it is fully equipped with an arsenal.
Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (
Chapter 6 Protecting Your Files
CS101 Storage Information.
Storage devices and media
Backing Up Your Computer
COEN 252: Computer Forensics
Backup and restoration of data, redundancy
COMP1321 Digital Infrastructures
Presentation transcript:

Presentation by Computer Forensics NZ Ltd for Auckland University SC CF NZ OUR PRIME OBJECTIVE: To successfully recover lost, damaged, hidden or deleted files from a computer system after an accidental, deliberate or malicious action. COMPUTER FORENSICS NZ LTD

Presentation by Computer Forensics NZ Ltd for Auckland University SC  What is computer forensics?  Disk operating system considerations.  How data is recovered.  What to do when data can’t be recovered, and how to prevent recovery.  Commercial and paralegal aspects.  The process.  Q & A. THIS PRESENTATION

Presentation by Computer Forensics NZ Ltd for Auckland University SC WHAT IS COMPUTER FORENSICS Computer Forensics is the acquisition, preservation, preparation, analysis and presentation of computer-related evidence utilising secure, controlled methodologies and auditable procedures.

Presentation by Computer Forensics NZ Ltd for Auckland University SC THE FATHER OF FORENSICS “For any two points of contact there is always a cross-transference of material from one to the other.” Edmond Locard Every contact leaves a trace.

Presentation by Computer Forensics NZ Ltd for Auckland University SC MODERN PERSPECTIVE For ever interaction with a PC there will always be material left behind on that PC OR

Presentation by Computer Forensics NZ Ltd for Auckland University SC EVERY INTERACTION WITH A PC LEAVES TRACE DATA BEHIND MODERN PERSPECTIVE #2

Presentation by Computer Forensics NZ Ltd for Auckland University SC  Master Boot Record.  Partition table.  File Allocation Table.  Data storage area. GENERIC DISK OS

Presentation by Computer Forensics NZ Ltd for Auckland University SC  Reference only is deleted  Space is flagged as available for re use.  FDISK and FORMAT Urban myths WHEN DELETE IS NOT DELETE

Presentation by Computer Forensics NZ Ltd for Auckland University SC  Full files.  ASCII text.  Graphics. WHAT INFO CAN BE RECOVERED

Presentation by Computer Forensics NZ Ltd for Auckland University SC When the hard disc platter has been:  Badly distorted by fire.  Significant physical damage.  Subjected to abnormally high magnetic fields. WHEN IS THERE PROBABLY NO CHANCE

Presentation by Computer Forensics NZ Ltd for Auckland University SC  Overwrite all sectors.  Once, many times.  Protect from whom.  Ultimate protection. PROTECT AGAINST DATA RECOVERY??

Presentation by Computer Forensics NZ Ltd for Auckland University SC  Case 1 – Avco.  Case 2 – Government departments.  Happens every day every where. DON’T GIVE THE COMPANY’S SECRETS AWAY

Presentation by Computer Forensics NZ Ltd for Auckland University SC Main Causes:  Accidental delete.  Advised to reformat by IT advisor.  Partition table corrupt.  Disk hardware failure.  Malicious damage.  Viral contamination. COMMERCIAL DATA RECOVERY

Presentation by Computer Forensics NZ Ltd for Auckland University SC  Unintended left evidence.  High usage of PCs at home.  Private use of company PC.  Files on archival backups.  Electronic media discovery. PARALEGAL DATA RECOVERY

Presentation by Computer Forensics NZ Ltd for Auckland University SC Cases:  Professional practice 2 years ago.  Ex-employee using company data.  Senior manager and PA setting up competitive company. PARALEGAL DATA RECOVERY #2

Presentation by Computer Forensics NZ Ltd for Auckland University SC Similar for data recovery and paralegal:  Acquire.  Preserve.  Prepare.  Analyse.  Present. THE RECOVERY PROCESS

Presentation by Computer Forensics NZ Ltd for Auckland University SC Three key points to leave with you.  Data is rarely completely deleted from a hard disk.  Implications for commercial security.  Implications for prosecution and defence in court. RECAP

Presentation by Computer Forensics NZ Ltd for Auckland University SC Paralegal  com/subjects.html  General Data Recovery   privacy.htm SUGGESTED SURFING

Presentation by Computer Forensics NZ Ltd for Auckland University SC YOUR TURN Q & A TIME

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.